monitor TCP communication

Jhair Tocancipa Triana jhair.tocancipa at gmail.com
Sun Jan 7 11:05:08 UTC 2007 

Marco Mandl writes:

> I can't get evolution to work with my IMAP server. I want to see what's
> actually happening. So I want to monitor / log the detailed traffic on a
> certain port - some sort of sniffing.

You can use ngrep[1]. For example the following shows what is
happening when I read your message headers from my news server. You
can adjust host and port to match your IMAP host and port to get the
information you want.

# ngrep -d any host 80.91.229.5 and port 119
interface: any
filter: (ip or ip6) and ( host 80.91.229.5 and port 119 )
#
T 217.233.232.185:48540 -> 80.91.229.5:119 [AP]
  ARTICLE 103447..
##
T 80.91.229.5:119 -> 217.233.232.185:48540 [AP]
  220 103447 <pan.2007.01.07.10.28.40.228459 at gmx.at> article..
##
T 80.91.229.5:119 -> 217.233.232.185:48540 [A]
  Path: news.gmane.org!not-for-mail..From: Marco Mandl <marco.mandl at gmx.at>..
  Newsgroups: gmane.linux.ubuntu.user..Subject: monitor TCP communication..Da
  te: Sun, 07 Jan 2007 11:28:40 +0100..Lines: 13..Approved: news at gmane.org..M
  essage-ID: <pan.2007.01.07.10.28.40.228459 at gmx.at>..Reply-To: "Ubuntu user
  technical support,...not for general discussions" <ubuntu-users at lists.ubunt
  u.com>..NNTP-Posting-Host: lo.gmane.org..Mime-Version: 1.0..Content-Type: t
  ext/plain; charset="us-ascii"..Content-Transfer-Encoding: 7bit..X-Trace: se
  a.gmane.org 1168165804 20062 80.91.229.12 (7 Jan 2007 10:30:04 GMT)..X-Comp
  laints-To: usenet at sea.gmane.org..NNTP-Posting-Date: Sun, 7 Jan 2007 10:30:0
  4 +0000 (UTC)..Original-X-From: ubuntu-users-bounces at lists.ubuntu.com Sun J
  an 07 11:30:03 2007..Return-path: <ubuntu-users-bounces at lists.ubuntu.com>..
  Envelope-to: gluu-ubuntu-users at m.gmane.org..Original-Received: from esperan
  za.ubuntu.com ([82.211.81.173])...by lo.gmane.org with esmtp (Exim 4.50)...
  id 1H3VHp-0006jy-6d...for gluu-ubuntu-users at m.gmane.org; Sun, 07 Jan 2007 1
  1:29:57 +0100..Original-Received: from localhost ([127.0.0.1] helo=esperanz
  a.ubuntu.com)...by esperanza.ubuntu.com with esmtp (Exim 4.60)...(envelope-
  from <ubuntu-users-bounces at lists.ubuntu.com>)...id 1H3VH0-0004fv-Fy; Sun, 0
  7 Jan 2007 10:29:06 +0000..Original-Received: from main.gmane.org ([80.91.2
  29.2] helo=ciao.gmane.org)...by esperanza.ubuntu.com with esmtp (Exim 4.60)
  ...(envelope-fr
##

HTH,

______________ 
[1] http://ngrep.sourceforge.net/usage.html

-- 
-- Jhair

More information about the ubuntu-users mailing list